Your enterprise security perimeter is now much larger than ever before, perhaps crossing continents and oceans. And like a mutating life form, that perimeter amorphously alters its contour and shape every few milliseconds. No longer is the corporate firewall or virtual private network or router the ultimate arbiter of perimeter security. The perimeter is now defined by the true extremities of the network: the user’s end-node workstation, be it a laptop in Singapore, a hotel room in Vancouver, a high-bandwidth residence in Westchester or a business partner with its own global network and set of marauding extremities.
Inexpensive, near full-time high-bandwidth connections to the Internet are now available to small offices, homes and corporate branch offices. Security-wise, that means the extremities of your network are connected to the Internet up to 24-7, yet you have no control over security. Corporate information is stored on distant laptops, home-based desktops and satellite offices that too often are not considered worthy of “real” firewall protection.
Cable modems and DSL lines add bandwidth and performance for the remote user, which is a good thing. But remember that enhanced functionality usually means a security risk. Connecting a single PC to the Internet over the new high-speed lines means that your remote worker may be exposing sensitive or proprietary corporate information for anyone to scan at will. What’s an overtaxed chief information security officer to do?
Until recently there wasn’t much more you could do than ask everyone at the network perimeter to make sure they practiced safe computing, whatever that meant to each individual. Then on Oct. 9, Gibson Research Corp. put up what I consider to be one of the most useful security Web sites I have encountered. Whether at home or the office, this site can really improve your security posture in seconds. What’s more, the service is free and GRC does not save any information about you or your machines.
When you first go to www.grc.com, click on ShieldsUP! and wait a few seconds. Depending upon how well protected your Internet-connected computer is, you will receive one of two messages: “Greetings (your computer name!)” or simply “Greetings!” If you receive the first greeting, your computer or server is broadcasting its name to the Internet; if the second, your computer is not saying a word about your identity.
You are then invited to test the security of your Internet connection by pressing the “Test My Shields” button. In a few seconds you will receive a report. In some cases, especially if you have your TCP/IP bindings for print and file sharing set wrong, you will see a logical map of your computer, including all of its resources. If the GRC site can do this in seconds, so can any hacker, a frightening thought.
But it doesn’t stop there. If you receive a bad grade, ShieldsUP! makes recommendations for improving your Internet security.
The step-by-step instructions are impressive and are written for the average Joe to follow. After a few minutes of tweaking, reboot and rerun the same test. The response you hope to see is the one indicating that ShieldsUP! was unable to connect to your computer.
ShieldsUP! will also perform Evil Port Monitor tests, which will benignly scan the common ports of your computer to determine their status and give you advice on what to do if security vulnerabilities are detected. The well-documented step-by-step instructions are easy to follow.
Hundreds of thousands of travelling corporate workers out there are extending your enterprise perimeter, and the security implications are becoming more and more important to your enterprise network’s well-being. In only the last two weeks, a number of my clients have asked their employees to fine-tune their laptops and home desktop computer security in an effort to maintain a reasonable corporate security posture.
Head on down to the GRC Web site and see for yourself what it can do. I think you will be impressed.
(Schwartau is president of Interpact, founder of InfoWar.Com and a popular speaker on security issues. He can be reached at email@example.com.)